----- Original Message ----- > On Mon, 07 Nov 2011 22:58:05 -0000 (UTC) > Igor Galić <i.ga...@brainsware.org> wrote: > > > The problem most often brought up in regard to releasing plugins > > bundled with the server is that it would make security fixes > > caused by a single plugin a lot harder to test. As a solution > > to this problem I propose to have all plugins bundled together > > and release them separate from the server. > > How does that help? A security issue is a security issue > and needs fixing, regardless of what (other) plugins are in use.
In this case I just meant separate from the base product. If we had any changes in the backlog and a security issue came up in a particular plugin, we can /simply/ fix that one plugin and re-release the (bundle of) plugin(s). It makes testing much easier since plugins are rather stable, code-wise. > It might make sense to separate out particular plugins, > if for example they have a substantially different dev team > or release cycle to the base product. But that would have > to be decided on a case-by-case basis, not a one-size-fits-all, > let alone an indiscriminate bundling! That is true, but it's just a start. I don't think right now we could foretell what kind of challenges lie ahead - but this our inability to tell the future sounds like a bad excuse not to move forward. > -- > Nick Kew > i -- Igor Galić Tel: +43 (0) 664 886 22 883 Mail: i.ga...@brainsware.org URL: http://brainsware.org/ GPG: 571B 8B8A FC97 266D BDA3 EF6F 43AD 80A4 5779 3257
